[JDEV] MSNP8 Security Enhancement

[Tijl Houtbeckers]

harmeet_im at kodemuse.com wrote on 12-9-2003 2:45:03:
>
>Pre MSN P8 authentication was based on client computing a secure hash
>and sending it to the server, but the new SSL authentication requires
>you to send the password over SSL. ie. the Password is actually sent
>to one of n servers. This appears (to me) to actually reduce security.
>
>- Password is sent to remote location.

That remote location is aware of your password anyway.

>- If password is relayed from destination SSL server to one or more
>  upstream servers, my password(not obfuscated hash) is sent to more
>  nodes.

It's reasonable to assume that the risk of someone intercepting the 
traffic between the desination server and the actual server that 
verifies your password is basically the same as one of those machines 
being compromised. I'm sure security for these servers and any traffic 
inbetween them is *very* tight. 

>- SSL is prone to man in the middle attack. So one can insert an SSL
>  Server that appears to be the destination. This can be done if the
>  DNS is compromised. (This could be done at network level, hosts file
>  etc.) SSL on client side may verify destination servers identity
>  against a truststore but that is vulnerable too. :-( If the SSL
>  Server can be mimicked basically the attacker can create a proxy,
>  appear like the real destination and slurp all passwords. My point
>  is that MS has actually reduced security by forcing people to send
>  their password over network instead of hash of password.

Er.. this is new to me?! Aren't SSL certificates meant to prevent 
exactly what you are describing here? Sure you can compromise DNS and 
let the client connect to you instead of the server . But the only 
thing you could do is relay the SSL encrypted data to where it's 
supposed to go (the hotmail / passport SSL servers). There is no way to 
decrypt it. Sure it costs a few $$$ to buy an SLL certificate, but 
microsoft probably could have bought 20 those with the profit they made 
while I'm typing this email. 

Your password is no more or less secure than it was before (if you 
don't consider wich would take less time to bruteforce, 3DES or SHA1 
(wich the old MSN protocol used if I'm not mistaken)). Neither is your 
session itself (if I'm not mistaken SSL is only used for authentication 
right?) 

However, with SSL there is one more advantage for Microsoft. With the 
old protocol there is no way of establishing what the client is. Just 
that it's someone who knows the username and password. With SSL however 
there is the possibilities of client-side certificates. If Microsoft 
decides to only allow their own clients and 3rd party clients with a 
proper license they can choose to only provide a clientside certificate 
for those clients. 

Sure, you eaily "rip out" the clientside cert. from an official MSN 
client and use it in your own unofficial client or transport. 
Technically it will work, but legally you're on a lot more shaky ground 
than when you were simply reverse enigneering a protocol and building 
your own implementation of it. In other words, one could argue that you 
steal the SSL certificate and you use it to break into Microsofts 
servers. 

PS: I am not saying that Microsoft will do this when they switch 
protocols or later on (just speculating on the possibilities). Nor am I 
expressing any opinion on Microsoft if they would choose to do such a 
thing. 

-- 
Tijl Houtbeckers
Software Engineer @ Splendo
The Netherlands